Cybersecurity is the word, not the bird, from South Korea (see here) to the US. The week opened with an unusual healthcare plan supplier breach: 3.3 million payer records held by a card issuer, Newkirk Products of Albany, NY. The company issues ID cards for several Blue Cross and Blue Shield plans and provides management services to other commercial payers. Ironically, it was discovered five days after their $410 million acquisition by Broadridge Financial Solutions of Lake Success, Long Island. On July 6, Newkirk discovered ‘unauthorized access’ to a server with records containing the member’s name, mailing address, type of plan, member and group ID number, names of dependents enrolled in the plan, primary care provider, and in some cases, date of birth, premium invoice information and Medicaid ID number. “No health plans’ systems were accessed or affected in any way” according to the release. MedCityNews, Newkirk release on notice
Another supplier breach affected another estimated 3.7 million patients at Arizona’s Banner Health. This one was a bit closer to home, hacking computer systems used in payment processing on debit and credit cards used at their food and beverage outlets in four states between June 23 and July 7. A week later, the hackers gained unauthorized access to systems containing patient information, health plan member and beneficiary information, as well as information about physician and healthcare providers. MedCityNews, Banner Health release
But what’s secret anymore about your health data anyway? It’s all those apps that are sending data via your Apple Watch and your Fitbit which aren’t necessarily covered by HIPAA or secure. Your online (and brick-mortar) shopping behavior, in the world of Big Data and predictive analytics, makes it easy to infer what’s happening healthwise. Join a patient community, and while it’s au courant to have your data be wild, free and shared with others, it also tattles on you to marketers and potential hackers. How Your Health Data Lead A Not-So-Secret Life Online (NPR)
But is medical identity theft that big of a deal? ID Experts will scare the hairs off your head over the 140 million Americans with information disclosed in data breaches, exploding through criminal attacks, the 10 deadly sins of healthcare fraud amounting to $272 billion–and actually who owns your PHI, because it may not be you. Start with A Big Deal or Much Ado about Nothing? from this 2015 article series. Of course it helps them market their data breach and security services.